Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

VPN 3005 Upgrade to 4.01 caused RADIUS Auth. problems


I upgraded the VPN 3005 concentrator to 4.01 today and had to downgrade within an hour due to RADIUS authentication problems for users connecting using Microsoft UPN names e.g.

The Concentrator config is that we have a Group setup "" that sends all the authentication requests to Windows 2000 IAS (RADIUS).

Before the Upgrade, in the IAS Log files the Username sent from VPN to IAS was the actual name as

After the Upgrade any user using the UPN form was unable to connect. The IAS log files showed that VPN was sending the Username as only joe.billy and "" part was truncated, which resulted in Authentication failures. Any user using WHATEVER\jbilly worked ok...

Have anyone else seen ths behaviour ?

Should i have configured something in the VPN after upgrading it ?

(In Group-->general Properties, i DID have the Strip Realm box UN-CHECKED).

Regards \\ Naman


Re: VPN 3005 Upgrade to 4.01 caused RADIUS Auth. problems

I think you that you should probably have a look at bugs CSCdz43263 and CSCea12933 though the problem documented in the second bug is slightly different. The bug talks about the groupname not being stripped off and the concentrator trying to authenticate based on Username+Groupname instead of the Username alone.

CreatePlease to create content